[[PageOutline(2-5,Contents,pullout)]] [[html(
)]] '''!ToDo''' * short-term: #6803, #3343, #5299 '''News''' 09-Oct-2010:: Growing number long-standing issues resolved, prepare for a maintenance release based on current ''trunk'' (open: 61) 28-Sep-2010:: Maintainership handed over from [wiki:pacopablo] to [wiki:hasienda] 26-Sep-2010:: Starting ticket list cleanup and triaging (open: 96) [[html(
)]] = Account Manager Plugin = == Description == The AccountManagerPlugin offers several features for managing user accounts: * allow users to register new accounts * login via an HTML [wiki:AccountManagerPlugin#LoginModule form] instead of using HTTP authentication * allow existing users to change their passwords or delete their accounts These features are new in the plugin for Trac 0.10. * send a new password to users who’ve forgotten their password * administration of user accounts == Bugs/Feature Requests == Existing bugs and feature requests for !AccountManagerPlugin are available from Trac-Hacks [query:?status!=closed&group=&component=AccountManagerPlugin&order=priority ticket system]. If you have any issues that is not found in [query:?component=AccountManagerPlugin&order=priority existing tickets], create a [http://trac-hacks.org/newticket?component=AccountManagerPlugin&owner=hasienda new ticket], please. == Install == First make sure you’ve [trac:wiki:TracPlugins#Requirements installed setuptools]. Make sure you have a version >= 0.6c9, since previous versions contain a bug which makes the installation fail. xccx Then you can install the plugin using the `easy_install` application. '''Note:''' Windows users will need to [http://peak.telecommunity.com/DevCenter/EasyInstall#windows-notes add easy_install to their PATH]. For Trac 0.9: {{{ easy_install http://trac-hacks.org/svn/accountmanagerplugin/0.9 }}} For Trac 0.10: Install the trac:WebAdmin plugin. Then install this plugin: {{{ easy_install http://trac-hacks.org/svn/accountmanagerplugin/0.10 }}} For Trac 0.11 {{{ easy_install http://trac-hacks.org/svn/accountmanagerplugin/0.11 }}} For Trac 0.12: {{{ easy_install https://trac-hacks.org/svn/accountmanagerplugin/trunk }}} If you are using the tracd standalone server or Apache 2.2.x you will need to restart it to detect the plugin. == Source == [source:/accountmanagerplugin Browse the source] Subversion Checkout (depends on your Trac version): {{{ svn co http://trac-hacks.org/svn/accountmanagerplugin/0.9 svn co http://trac-hacks.org/svn/accountmanagerplugin/0.10 svn co http://trac-hacks.org/svn/accountmanagerplugin/0.11 svn co http://trac-hacks.org/svn/accountmanagerplugin/trunk }}} Downloads: * [download:accountmanagerplugin/0.9 0.9] * [download:accountmanagerplugin/0.10 0.10] * [download:accountmanagerplugin/0.11 0.11] * [download:accountmanagerplugin/trunk trunk] == Components == In order to use the features of the AccountManager you will need to enable some or all of its components. The easiest way to enable the components is via the trac:WebAdmin plugin. Users logged in with the TRAC_ADMIN permission will be able to manage the enabled components: [[Image(components-admin.png)]] Components can also be enabled or disabled in the [trac:TracIni trac.ini] file under the `[components]` section. For example to enable the login form and disable user registration: {{{ [components] trac.web.auth.LoginModule = disabled acct_mgr.web_ui.LoginModule = enabled acct_mgr.web_ui.RegistrationModule = disabled }}} The available components are described below. === !AccountManager === '''Package''':: acct_mgr.api This is the core of this plugin. This component ''must'' be enabled to use any of the other components. === !AccountManagerAdminPage === '''Package''':: acct_mgr.admin '''Note:''' This component requires Trac 0.10 or later This component adds a new page to the trac:WebAdmin section for managing user accounts. It requires the `TRAC_ADMIN` permission to access. {{{ [components] acct_mgr.admin.AccountManagerAdminPage = enabled }}} [[Image(account-manager-admin.png)]] === !AccountModule === '''Package''':: acct_mgr.web_ui Allows users to change their password, or delete their account. When logged in it will appear as a tab “Account” after clicking the “Preferences” link. {{{ [components] acct_mgr.web_ui.AccountModule = enabled }}} [[Image(my-account.png)]] '''New for Trac 0.10:''' When used in combination with the [wiki:AccountManagerPlugin#LoginModule LoginModule] it adds a link to the login page “Forgot your password?” where users can reset their password if they’ve forgotten it. You will need to have your SMTP server information configured in your {{{trac.ini}}} for the “Forgot your password?” link to show up and enable AccountChangeListener. {{{ [components] acct_mgr.notification.accountchangelistener = enabled }}} [[Image(reset-password.png)]] '''New for Trac 0.11:''' When a user resets their password they will be required to change their password on the next successful login. This can be disabled via the `trac.ini` by setting `force_passwd_change = false`. === !LoginModule === '''Package''':: acct_mgr.web_ui '''Warning:''' this module is not supported using the [trac:TracStandalone tracd] stand-alone server on Trac 0.9. It either needs Trac 0.10 or later, or an external webserver such as Apache. Allows users to login via a HTML form instead of using HTTP authentication. {{{ [components] acct_mgr.web_ui.LoginModule = enabled }}} [[Image(login-form.png)]] ==== Disable HTTP authentication ==== To use the AccountManager’s form-based login system instead, add this to the `[components]` section of your trac.ini: {{{ trac.web.auth.LoginModule = disabled }}} When using the [trac:TracStandalone tracd] server be sure '''not''' to use the `--auth` or `--basic-auth` options. Using either of these options will cause tracd to popup the username/password dialog box and you will not be able to use the HTML form. If you have previously enabled authentication for Trac on Apache, you will need to disable it or Apache will popup the username/password dialog and you will be unable to use the HTML form. In order to disable the authentication look for a section in the Apache configuration file like: {{{ # Some options like AuthType and AuthUserFile Require valid-user }}} Deleting or commenting the `Require valid-user` line should be sufficient to disable HTTP authentication. After you’ve tested it you can probably delete or comment out the rest of the authentication options. In some pre-bundled packages as Bitnami Trac you will find it inside an apache configuration extension as trac.conf (BitnamiTrac\trac\conf\trac.conf) === !RegistrationModule === '''Package''':: acct_mgr.web_ui Enables users to register a new account. It adds a “Register” link on the same menu bar as the “Login” link. {{{ [components] acct_mgr.web_ui.RegistrationModule = enabled }}} [[Image(register.png)]] {{{ #!div class="important" '''Warning:''' You must enable one of the above password storage modules for the Registration Module to work. }}} '''Note:''' You must not enable `ignore_auth_case` in `trac.ini` as otherwise this module won’t work. === !EmailVerificationModule === '''Package''':: acct_mgr.web_ui If you enable this, users will be sent an email with a verification code to enter, to approve it is really their own email address: {{{ [components] acct_mgr.web_ui.EmailVerificationModule = enabled }}} Until they entered the verification code on the URL sent with the email, their permissions will be restricted (even if they have the ''TRAC_ADMIN'' privilege, they won't be able to access anything exceeding the standard privileges of ''authenticated'' users). Note that with the current code, this will only happen if an email was specified - but this is not enforced on registration. In other words, if some user registers w/o specifying an email address, this will be possible - no verification will be done, but the account will be created anyway. If you want to enforce entering a valid email on registration, there's a patch for this attached to ticket #5509 you could use (read more there). Be warned that it is not thoroughly tested yet - so if you use it, feel free to add your comments to that ticket :) == Post Setup/Configuration == In order to use the Account Manager plugin, while logged in as a user with TRAC_ADMIN rights, use the new “Admin” link on the menubar. Once in, you might want to enable the permissions to allow the “authenticated” user group permissions. For instance, if you remove the anonymous group from TICKET_MODIFY, and WIKI_MODIFY, and add the “authenticated” group instead, only authenticated, logged-in (registered) users can perform ticket modifications and wiki editing. == Recent Changes == [[ChangeLog(/accountmanagerplugin,3)]] == Author/Contributors == '''Author:''' [wiki:mgood] [[BR]] '''Maintainer:''' [wiki:hasienda] [[BR]] '''Contributors:''' [wiki:crocea], [wiki:mrelbe], [wiki:pacopablo], [wiki:s0undt3ch], [wiki:manski] [[BR]]